This article discusses how to un-enroll individual devices from JumpCloud MDM and how to remove JumpCloud MDM from an organization which will un-enroll all devices in the organization.
Removing the JumpCloud MDM Enrollment Policy from a device does not remove the enrollment profile.
If the device is subject to the MDM Policy, removing the profile manually or via command will not be permanent. The device will receive the MDM profile again once the agent checks in again. However, this profile will not be auto-approved. If the device is to remain un-enrolled, the JumpCloud MDM Enrollment policy will need to be unbound from the device.
Removing the MDM Configuration from a Device
To remove the JumpCloud MDM Enrollment Profile from a device:
- Open a Terminal window on the affected device and run the following command to list all profiles:
- To remove an individual profile run the following command, replacing [IDENTIFIER FROM ABOVE] with the JumpCloud MDM profile that was listed with the previous command:
sudo profiles -R -p [IDENTIFIER FROM ABOVE]
- This identifier is likely com.jumpcloud.mdm, thus the command would be:
sudo profiles -R -p com.jumpcloud.mdm
Removing the MDM Configuration from an Organization
This will remove the JumpCloud MDM profile from ALL systems in the organization! Deleting the MDM Configuration from your organization will bulk un-enroll ALL devices at their next check in with JumpCloud.
To remove a single device from MDM, follow the steps above for removing the MDM profile from an individual device.
- Log in to the JumpCloud Admin Portal at: https://console.jumpcloud.com/login
- Navigate to MDM under Device Management in the left menu.
- Click the Delete button under MDM Configuration.
- Loss of access to MDM features (Security features).
- Big Sur: MacOS devices must be enrolled in JumpCloud MDM to use JumpCloud policies.